package com.swotxu.screwweb.config;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * @Date: 2021/7/13 21:59
 * @Author: xu.hai
 */
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Value("${screw.isOpenDownLoad:false}")
    private volatile boolean isOpenDownLoad;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.headers().frameOptions().sameOrigin()
                .and()
                .formLogin()
                .successHandler((req, resp, authentication) -> resp.sendRedirect("index.html"))
                .and()
                .httpBasic()
                .and()
                .csrf().disable();
    }

    public boolean isOpenDownLoad() {
        return isOpenDownLoad;
    }

    public void setOpenDownLoad(boolean openDownLoad) {
        isOpenDownLoad = openDownLoad;
    }
}
